[cryptography] Bonding or Insuring of CAs?
James A. Donald
jamesd at echeque.com
Sat Jan 26 03:52:32 EST 2013
On 2013-01-26 8:31 AM, Paul Hoffman wrote:
> Since there isn't a strong list moderator here, I gotta ask: is this (and similar PKIX-is-broken threads) on-topic for this mailing list? Regardless of how much I agree with the sentiment, it seems to have nothing to do with cryptography. Maybe someone should set up a post-pki mailing list for such threads? (Or maybe I should be less cranky?)
Political solutions for PKI problems, such as bonding CAs seem obviously
off topic for me.
But PKI problems are obviously on topic. Most security problems occur
at the interface between people and algorithms. User interface is the
hard problem of encryption.
So a people related security problem is on topic, and some solutions to
that problem are on topic, and some are off topic. The more the
proposed solution is people dealing with people, the less it is on
topic, and the more the proposed solution is people dealing with
computers, the more it is on topic.
More information about the cryptography